cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
708
Views
0
Helpful
3
Replies

Can you throttle traffic/requests by IP or HTTP Header info with ACE?

jdean1
Level 1
Level 1

I am looking for a way to throttle certain traffic either by source IP or by info I can extract in the http header or uri. I dont want to block this traffic, I just want to throttle it down from say 50 requests /sec to 2 requests/sec or add a delay to the response.

The goal is to not allow certain high volume out of control automated traffic to dominate resources in a web farm. Any ideas?

3 Replies 3

Gilles Dufour
Cisco Employee
Cisco Employee

with version 2.0 you will be able to rate-limit traffic based on the criteria you mentioned.

However, the action taken when the traffic exceeds the limit is to drop.

Not dropping would mean to buffer data and send them later with a delay.

This is a risky business. Buffering means more memory needed - more cpu. And what happens during a site attack for hackers ?

Definitely, you want to drop.

Applications can recover anyway.

Gilles.

Thanks. Just to be clear on the rate limit criteria:

Will we be able to rate limit based on requests per second? or just bandwidth utilization?

We are concerned with requests/sec. Thanks,

JD

both options will exist.

Connection rate and bandwidth rate.

Gilles.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: